Lucene search
+L

100 matches found

Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-39342

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified gegl affected versions not specified Description A heap-based buffer overflow exists in the handling of HDR files within GIMP, potentially allowing for remote code execution. The issue resides in the gegl...

7.8CVSS8.4AI score0.02751EPSS
Exploits0References79
OSV
OSV
added 2024/11/19 4:2 p.m.15 views

RLSA-2024:9548 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS9.2AI score0.01258EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/11/13 3:29 p.m.17 views

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2024/11/13 12:0 a.m.12 views

Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS6.8AI score0.01258EPSS
Exploits1References4
OSV
OSV
added 2024/11/08 3:57 p.m.18 views

RLSA-2024:8800 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS9.2AI score0.01258EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/11/04 12:9 p.m.15 views

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
OSV
OSV
added 2024/11/04 12:0 a.m.28 views

ALSA-2024:8800 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS9.2AI score0.01258EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2024/08/07 2:47 a.m.6 views

SUSE CVE-2024-28579

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the FreeImageUnload function when reading images in HDR format...

6.2CVSS6.6AI score0.00291EPSS
Exploits1References3
OSV
OSV
added 2024/04/12 7:15 a.m.3 views

CVE-2024-22526

Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service DoS via exr image file...

5.5CVSS5.8AI score0.00407EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/04 12:0 a.m.12 views

OpenEX Buffer Overflow Vulnerability

OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from an inability to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...

9.1CVSS6.8AI score0.01258EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.8 views

The vulnerability of the stb_image.h component in the C/C++ Libstb library allows a hacker to cause a service failure.

The vulnerability of the stbimage.h component in the C/C++ Libstb library relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created HDR file...

7.8CVSS6.4AI score0.01213EPSS
Exploits0References6Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.2 views

SUSE CVE-2015-8900

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service infinite loop via a crafted HDR file...

5.5CVSS6.6AI score0.01743EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.6 views

SUSE CVE-2021-42715

An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stbimage by submitting crafted HDR files...

5.5CVSS7.5AI score0.01213EPSS
Exploits0References6
Fedora
Fedora
added 2022/03/18 8:7 p.m.41 views

[SECURITY] Fedora 35 Update: openexr-3.1.4-1.fc35

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR...

6.5CVSS6.4AI score0.00849EPSS
Exploits0
Fedora
Fedora
added 2021/12/05 1:39 a.m.15 views

[SECURITY] Fedora 34 Update: synfigstudio-1.4.0-3.fc34

Synfig Animation Studio is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need...

1AI score0.0071EPSS
Exploits1
Fedora
Fedora
added 2021/12/05 1:39 a.m.21 views

[SECURITY] Fedora 34 Update: pfstools-2.1.0-17.fc34.1

pfstools is a set of command line programs for reading, writing, manipulating and viewing high-dynamic range HDR images and video frames. All programs in the package exchange data using unix pipes and a simple generic HDR image format pfs. The concept of the pfstools is similar to netpbm package...

0.8AI score0.0071EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/11/14 12:0 a.m.5 views

Fedora: Security Advisory for synfig (FEDORA-2021-df1fa3d3e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/11/12 12:38 a.m.19 views

[SECURITY] Fedora 35 Update: synfigstudio-1.4.0-3.fc35

Synfig Animation Studio is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need...

6.9AI score
Exploits0
OSV
OSV
added 2021/10/21 7:15 p.m.2 views

DEBIAN-CVE-2021-42715

An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stbimage by submitting crafted HDR files...

5.5CVSS6.1AI score0.01213EPSS
Exploits0References1
OSV
OSV
added 2021/10/21 7:15 p.m.5 views

UBUNTU-CVE-2021-42715

An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stbimage by submitting crafted HDR files...

5.5CVSS7.1AI score0.01213EPSS
Exploits0References4
Rows per page
Query Builder